Saturday, July 4, 2015

Potentially Breached Entities (From Sensor Data) - 7-4-2014 2:21 AM EST

The following host have been detected as being potentially breached based on data from SLC Security owned and operated sensors. We have decided that we would start publishing a daily list to help these organizations get their network under control. While we believe these host to be breached they may also be involved in hacking attempts on other entities or may be used by hackers as a jump point to conduct other attacks. The following list are the bad entities for the last 24 hours. Our volunteers have detected the following attackers:

  • KM HOMES LLC - - Seen attacking external networks
  • University of Michigan College of Engineering - - Reported multiple times (No action taken)

Analyst Note: Please note that the Univ of Michigan has been reported at least 20 times and they have not stopped the activity. If they don't care about being on blacklist and about their end users not being able to access Internet resources then we don't care if they are breached. We have attempted to help them resolve their issues on numerous occasions however they continue to deny they have any issue. You can lead a cow to water but they don't drink milk! (makes about as much sense as the responses we have received).

UPDATE: Apparently the Univ of Michigan thinks it's OK to scan host. Some farther review of the IP in question shows that the IP is a research scanning system. So that being said they are not breached however they are definitely not good Netizens with the mass scanning. A review of logs indicates that the Univ of Michigan is scanning web servers for vulnerabilities and some other very nasty behavior.

SLC Security Services LLC operates honeypot and inline sensors located in 74 locations. Our OSINT-X platform collects data and is available in our paid feed products. For more information visit

No comments:

Post a Comment